Subversion Repositories oidplus

Compare Revisions

Regard whitespace Rev 1438 → Rev 1439

/trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
219,7 → 219,7
{
switch ($algo) {
case 'desCBC':
$cipher = new TripleDES('cbc');
$cipher = new DES('cbc');
break;
case 'des-EDE3-CBC':
$cipher = new TripleDES('cbc');
/trunk/vendor/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php
1332,7 → 1332,8
*/
protected static function testJITOnWindows()
{
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && function_exists('opcache_get_status') && !defined('PHPSECLIB_ALLOW_JIT')) {
// see https://github.com/php/php-src/issues/11917
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && function_exists('opcache_get_status') && PHP_VERSION_ID < 80213 && !defined('PHPSECLIB_ALLOW_JIT')) {
$status = opcache_get_status();
if ($status && isset($status['jit']) && $status['jit']['enabled'] && $status['jit']['on']) {
return true;
/trunk/vendor/phpseclib/phpseclib/phpseclib/Math/BinaryField.php
48,6 → 48,15
public function __construct(...$indices)
{
$m = array_shift($indices);
if ($m > 571) {
/* sect571r1 and sect571k1 are the largest binary curves that https://www.secg.org/sec2-v2.pdf defines
altho theoretically there may be legit reasons to use binary finite fields with larger degrees
imposing a limit on the maximum size is both reasonable and precedented. in particular,
http://tools.ietf.org/html/rfc4253#section-6.1 (The Secure Shell (SSH) Transport Layer Protocol) says
"implementations SHOULD check that the packet length is reasonable in order for the implementation to
avoid denial of service and/or buffer overflow attacks" */
throw new \OutOfBoundsException('Degrees larger than 571 are not supported');
}
$val = str_repeat('0', $m) . '1';
foreach ($indices as $index) {
$val[$index] = '1';
/trunk/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php
1122,6 → 1122,7
4 => 'NET_SSH2_MSG_DEBUG',
5 => 'NET_SSH2_MSG_SERVICE_REQUEST',
6 => 'NET_SSH2_MSG_SERVICE_ACCEPT',
7 => 'NET_SSH2_MSG_EXT_INFO', // RFC 8308
20 => 'NET_SSH2_MSG_KEXINIT',
21 => 'NET_SSH2_MSG_NEWKEYS',
30 => 'NET_SSH2_MSG_KEXDH_INIT',
1535,6 → 1536,8
$preferred['client_to_server']['comp'] :
SSH2::getSupportedCompressionAlgorithms();
 
$kex_algorithms = array_merge($kex_algorithms, array('ext-info-c'));
 
// some SSH servers have buggy implementations of some of the above algorithms
switch (true) {
case $this->server_identifier == 'SSH-2.0-SSHD':
2332,7 → 2335,23
throw $e;
}
 
list($type, $service) = Strings::unpackSSH2('Cs', $response);
list($type) = Strings::unpackSSH2('C', $response);
 
if ($type == NET_SSH2_MSG_EXT_INFO) {
list($nr_extensions) = Strings::unpackSSH2('N', $response);
for ($i = 0; $i < $nr_extensions; $i++) {
list($extension_name, $extension_value) = Strings::unpackSSH2('ss', $response);
if ($extension_name == 'server-sig-algs') {
$this->supported_private_key_algorithms = explode(',', $extension_value);
}
}
 
$response = $this->get_binary_packet();
list($type) = Strings::unpackSSH2('C', $response);
}
 
list($service) = Strings::unpackSSH2('s', $response);
 
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT || $service != 'ssh-userauth') {
$this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR);
throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT');
2608,7 → 2627,7
$privatekey = $privatekey->withPadding(RSA::SIGNATURE_PKCS1);
$algos = ['rsa-sha2-256', 'rsa-sha2-512', 'ssh-rsa'];
if (isset($this->preferred['hostkey'])) {
$algos = array_intersect($this->preferred['hostkey'], $algos);
$algos = array_intersect($algos, $this->preferred['hostkey']);
}
$algo = self::array_intersect_first($algos, $this->supported_private_key_algorithms);
switch ($algo) {
3417,6 → 3436,8
$this->session_id = false;
$this->retry_connect = true;
$this->get_seq_no = $this->send_seq_no = 0;
$this->channel_status = [];
$this->channel_id_last_interactive = 0;
}
 
/**